Many Americans look forward to Black Friday sales for both in-person and online shopping. But while shopping from home may seem convenient, cybercriminals are using impersonation attacks to target accounts. Amazon is the latest online retailer to warn millions of users about the threat.

What did Amazon say about impersonation scams to its customers?

According to emails sent to Newsweek and Forbes, Amazon warned more than 300 million users that Black Friday sales could prompt scammers to access their “sensitive information” through multiple channels, making it crucial for customers to be on the lookout for suspicious activity.

Impersonation scams occur when scammers pose as trusted organizations or individuals to steal money, personal information or access to your devices. They can appear via phone, email, text or social media, and often trick victims into making payments or sharing sensitive data, the company shared on its website.

“Scammers that attempt to impersonate Amazon put consumers at risk. We will continue to invest in protecting consumers and educating the public on scam avoidance,” Amazon said in an emailed statement to Newsweek on Monday. The retailer added in a separate email to Forbes that cybercriminals are targeting users to gain “sensitive information like personal and financial information, or Amazon account details.”

Scammers may use various impersonation tactics to access information

Amazon also outlined the types of impersonation attacks scammers may use to trick users into falling for their tactics:

—Fake delivery or account-related messages

—Third-party advertisements, including on social media, promoting unusually good deals

—Messages through unofficial channels requesting account or payment information

—Similar attempts delivered via unfamiliar links

—Unsolicited tech support phone calls

Additionally, Amazon suggested that customers use the website or the mobile app for services like customer service, account changes, delivery tracking and refunds, according to Newsweek.

What is the FBI saying about cybercriminals and impersonation scams?

On Tuesday, the Federal Bureau of Investigation released a notice about cybersecurity, scammers and impersonation scams, noting that financial institutions and companies are at risk and how to stay vigilant.

“The FBI warns of cyber criminals impersonating financial institutions to steal money or information in Account Takeover (ATO) fraud schemes. The cyber criminals target individuals, businesses, and organizations of varied sizes and across sectors,” the federal agency said in the notice.

“In ATO fraud, cyber criminals gain unauthorized access to the targeted online financial institution, payroll, or health savings account, with the goal of stealing money or information for personal gain. Since January 2025, the FBI Internet Crime Complaint Center (IC3) received more than 5,100 complaints reporting ATO fraud, with losses exceeding $262 million.”

The FBI also provided protection tips:

—Be careful about the information you share online or on social media.

—Monitor your financial accounts on a regular basis.

—Always use unique, complex passwords.

—Use Bookmarks or Favorites for navigating to login websites.

—Stay vigilant against phishing attempts.